Sunday, August 29, 2010

In OpenSSO, there are 2 types of Policy Agent to choose. Customers always get confused on which type and on which tier to deploy in their environment.

The following diagrams illustrates clearly. Based on the Selection Criteria, Web Policy Agent will be deployed on the Web tier.

J2EE Policy Agent will be deployed on the Application tier.

PS: If J2EE Policy Agent is deployed on the Application tier, there is no need for Web Policy Agent to be deployed on the Web tier. Simply allow the pass-through on the web server and let the Policy Evaluation be carried out on the Application tier.

Thursday, August 26, 2010

I have been busy involving in the design of a Single Sign-On (SSO) and Enterprise Single Sign-On (ESSO) solution for a local ministry.

They have a few hundreds applications (web-based and non web-based). Thus we need to have a concise selection criteria for them.

There are 2 types of policy agents available from OpenSSO:

1. Web Policy Agent

2. J2EE Policy Agent

In order to integrate applications for Single Sign-On with OpenSSO, they must be:

1. web-based

2. authenticate with a common authentication repository

3. supported by available policy agents from OpenSSO

If applications are customizable, Web Policy Agent will be chosen. Otherwise, if applications are pure J2EE-based that utilize the Java Authentication and Authorization Service (JAAS), then J2EE Policy Agent will be chosen.

Friday, August 13, 2010

Sun Directory Server Enterprise Edition (DSEE 7.0) has now been rebranded as Oracle Directory Services Directory Server Enterprise Edition 11gR1. It is now part under the Oracle Fusion Middleware umbrella.